﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.IO;

namespace HRdex_Final.Forms
{
    public partial class WebForm5 : System.Web.UI.Page
    {
        SqlConnection conn = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\HRdexDB.mdf;Integrated Security=True;User Instance=True");
        protected void Page_Load(object sender, EventArgs e)
        {
            string sqlc = "SELECT catUserLevel.catUserLevelName FROM formEmployees INNER JOIN catUserLevel ON formEmployees.UserLevelID = catUserLevel.UserLevelID WHERE formEmployees.EmployeeID = " + SessionID() ;
            SqlDataAdapter cmd = new SqlDataAdapter(sqlc, conn);
            DataTable tbl = new DataTable();
            conn.Open();
            cmd.Fill(tbl);
            conn.Close();
            string chkul = tbl.Rows[0][0].ToString();
            if (chkul != "Admin")
            {
                fuDownloads.Visible = false;
                btnSubmit.Visible = false;
            }
        }

        protected void gvDownload_SelectedIndexChanged(object sender, EventArgs e)
        {
            string strQuery = "SELECT dLoadName, dLoadType, dLoad FROM formDownload WHERE downloadID = " + gvDownload.SelectedDataKey.Value.ToString();
            SqlCommand cmd = new SqlCommand(strQuery);
            DataTable dt = GetData(cmd);
            if (dt != null)
            {
                download(dt);
            }
        }

        string SessionID()
        {
            return Session["EmployeeID"].ToString();
        }

        private DataTable GetData(SqlCommand cmd)
        {
            DataTable dt = new DataTable();
            SqlDataAdapter sda = new SqlDataAdapter();
            cmd.CommandType = CommandType.Text;
            cmd.Connection = conn;
            try
            {
                conn.Open();
                sda.SelectCommand = cmd;
                sda.Fill(dt);
                return dt;

            }
            catch
            {
                return null;
            }
            finally
            {
                conn.Close();
                sda.Dispose();
                conn.Dispose();
            }

        }
        private void download(DataTable dt)
        {
            Byte[] bytes = (Byte[])dt.Rows[0]["dLoad"];
            Response.Buffer = true;
            Response.Charset = "";
            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.ContentType = dt.Rows[0]["dLoadType"].ToString();
            Response.AddHeader("content-disposition", "attachment;FileName="
            + dt.Rows[0]["dLoadName"].ToString());
            Response.BinaryWrite(bytes);
            Response.Flush();
            Response.End();
        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {

            string filepath = fuDownloads.PostedFile.FileName;
            string filename = Path.GetFileName(filepath);
            string filetype = Path.GetExtension(filepath);

            Stream fs = fuDownloads.PostedFile.InputStream;
            BinaryReader br = new BinaryReader(fs);
            Byte[] bytes = br.ReadBytes((Int32)fs.Length);

            string sqlc = "INSERT INTO formDownload (dLoad, dLoadName, dLoadType) " +
                "VALUES ( @byte ,'" + filename +
                "','" + filetype + "')";
            SqlCommand cmd = new SqlCommand(sqlc);

            cmd.Parameters.Add("@byte", SqlDbType.VarBinary).Value = bytes;
            InsertUpdateData(cmd);
            gvDownload.DataBind();
        }

        private Boolean InsertUpdateData(SqlCommand cmd)
        {
            String strConnString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\HRdexDB.mdf;Integrated Security=True;User Instance=True";
            SqlConnection con = new SqlConnection(strConnString);
            cmd.CommandType = CommandType.Text;
            cmd.Connection = con;
            try
            {
                con.Open();
                cmd.ExecuteNonQuery();
                return true;
            }
            catch (Exception ex)
            {
                Response.Write(ex.Message);
                return false;
            }
            finally
            {
                con.Close();
                con.Dispose();
            }
        }

    }
}